A secured communication system for military applications provides high bandwidth and supports users who operate at different security levels. The requirements depend on the type of information being communicated and on the parties involved in the communication. In a secured communication network, data may be classified into levels of security. The classification (security) levels are defined based on the potential damage if the data is compromised, and therefore require corresponding treatment rules. Classification levels may include Unclassified, Confidential, Secret and Top Secret. Secured communication networks may include Multiple Levels Security (MLS) networks, Multiple Single Level Security (MSLS) networks and the like. MSLS networks are physically separated networks, each enforcing one of the different security levels.
MLS networks provide a means of transmitting data of different classification levels over the same physical network. Data integrity protection, separation of data types, access control, authentication and user identification and accountability, and the like are necessary for ensuring security. For example, when data is on the MLS network, the data is labeled with its security level information. The MLS network ensures that the data and the label are not separated and that data of different security levels are not co-mingled.
When the data is on the Multiple Single Level Security (MSLS) network, the data is kept separate by physical separation of the networks, and thus there is no opportunity for data of different security levels to co-mingle.
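The two properties described above (a label that cannot be separated from its data, and no co-mingling across levels) can be illustrated with a short added example; it is not taken from the system described on this page. It assumes a 1-byte label prefix, an HMAC-SHA256 tag as the binding mechanism, a constructed demo key, and hypothetical names (`seal`, `open_sealed`, `Demux`), with one in-memory queue standing in for each single-level network.

```python
import hashlib
import hmac
from enum import IntEnum

class Level(IntEnum):
    UNCLASSIFIED = 0
    CONFIDENTIAL = 1
    SECRET = 2
    TOP_SECRET = 3

KEY = b"constructed-demo-key"  # constructed sample key (assumption)
TAG_LEN = 32                   # HMAC-SHA256 output size in bytes

def seal(level: int, payload: bytes, key: bytes = KEY) -> bytes:
    """Prefix a 1-byte label and append a tag computed over label + payload."""
    body = bytes([level]) + payload
    return body + hmac.new(key, body, hashlib.sha256).digest()

def open_sealed(frame: bytes, key: bytes = KEY):
    """Return (Level, payload); raise ValueError if the binding does not verify."""
    if len(frame) < 1 + TAG_LEN:
        raise ValueError("frame too short")
    body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
    expected = hmac.new(key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("label/payload integrity check failed")
    return Level(body[0]), body[1:]  # Level() raises ValueError on unknown labels

class Demux:
    """Routes verified frames to exactly one per-level queue; drops the rest."""
    def __init__(self):
        self.queues = {lvl: [] for lvl in Level}
        self.rejected = 0

    def deliver(self, frame: bytes):
        try:
            level, payload = open_sealed(frame)
        except ValueError:
            self.rejected += 1   # fail closed: never guess a level
            return None
        self.queues[level].append(payload)
        return level

def demo() -> Demux:
    d = Demux()
    d.deliver(seal(Level.SECRET, b"track update"))   # constructed sample data
    d.deliver(seal(Level.UNCLASSIFIED, b"weather"))
    relabeled = bytearray(seal(Level.SECRET, b"relabel me"))
    relabeled[0] = Level.UNCLASSIFIED  # label changed without recomputing the tag
    d.deliver(bytes(relabeled))
    return d
```

A frame whose label byte was altered after sealing fails verification and is counted in `rejected` instead of being placed on a lower-level queue.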
In addition, transforming military services to network centric services requires the secured communication networks to have connectivity to multiple radios operating at different security levels (i.e. MLS systems such as Joint Tactical Radio Systems (JTRS)). Many embedded software products for network centric services are required to meet certain levels of security as defined by the Common Criteria. Common Criteria defines seven different security levels called Evaluation Assurance Levels (EAL), ranging from one to seven, with one being the lowest level and seven being the highest level. While Common Criteria does not require the use of EALs, their use is generally accepted as the best means for defining the security level of operating systems.
When networks connect a real-time embedded world of avionics and military multi-level applications, data streams may have to be transmitted between the MLS networks and the Multiple Single Level Security (MSLS) networks while maintaining the desired security separation. However, the MSLS networks are physically separated and require security certifications. Further, the MSLS networks typically have inadequate interfacing capability with the MLS networks. A secure interface between MSLS networks and MLS networks may be provided via additional hardware (such as a host processor, a host NIC and the like) for each security level, which is very costly and complex.
Therefore, it would be desirable to provide a system and method for providing a secure gateway between MLS networks and MSLS networks while maintaining security separation. It would be further desirable to provide such a system and method which meets high certification requirements.